CISSP – Who Should Attend & What Will Be Learned

CED Solutions is an Official Partner of (ISC)² and offers the exam onsite immediately after the instruction. Register and attend this course here.

Who should attend

The course is intended for students who have at least four years of recent full-time security professional work experience in two or more of the ten domains of the (ISC)² Certified Information System Security Professional® (CISSP) Common Body of Knowledge® (CBK). The CISSP CBK defines the work experience in architecture, design, management, risk, and controls that assure the security of business environments. The course builds on and brings together the holistic view of the topics covered in the everyday environment of an information assurance professional. Professional experience including the following will greatly enhance the learning environment.

Work requiring special education or intellectual attainment, usually including a liberal education or college degree.

Work requiring habitual memory of a body of knowledge shared by others doing similar work.

Management/supervision of projects and/or employees.

Work requiring the exercise of judgment, management decision-making, and discretion.

Work requiring the exercise of ethical judgment (as opposed to ethical behavior).

Professional writing and oral communication (e.g., presentation).

Research and development

The specification and selection of controls and mechanisms (i.e. identification and authentication technology, does not include the mere operation of these controls).

Each chapter/module/agenda is derived from the CISSP CBK and updated by the results of the Job Task Analysis (JTA). The JTA topics are developed by a small group of Subject Matter Experts (SME) who have a number of years of experience and are representative of various geographic regions, ethnicity, and practice settings. The entire membership group of the credential holders is asked to validate the survey based on their current day to day tasks. Every topic covered during the class is literally the same tasks performed by current CISSP credential holders.

Why is the CISSP relevant to Information Security?

The information security professional’s work environment continually changes as new technologies emerge, rules and regulations are updated, and new threats are identified. In order to ensure that each certification offering remains relevant to these changing environments, the International Information Systems Security Certification Consortium, Inc., (ISC)² conducts Job Task Analysis (JTA) for its credentials every three years. A JTA may be conducted prior to the three-year cycle if significant content changes must occur. A JTA study is the methodical and critical process used to determine tasks that are performed by credential holders. Results of the JTA study link candidates’ examination score directly to the domain knowledge being tested.

The JTA study begins by assembling a small but diverse group of Subject Matter Experts (SME) who have a number of years of experience and are representative of various geographic regions, ethnicities, and practice settings. Under the direction of a psychometrician, the group reviews the list of tasks and knowledge statements of the existing Detail Content Outlines (DCO) and develops a new list by incorporating changes that have taken place in the practice field since the last DCO was developed. The final list developed by the group is converted into a survey. The entire membership group of the credential holders is asked to validate the survey.

Once the survey responses are collected and its data is analyzed by a psychometrician, the results are presented to the members of the Job Task Analysis (JTA) committee. The psychometrician leads the discussion and the Committee finalizes the results to develop the new DCO. The DCO becomes the basis for exam development, and is made public with the release of the Candidate Information Bulletins (CIB). Based on this JTA process, the content within the DCO could be changed, moved around, and rephrased to reflect the current practices. Domain names could also be changed or even deleted and added based on the changes that have taken place in the practice field. All (ISC)² official documents, such as the CIB must reflect these changes per acceptable psychometric standards and ISO/IEC 17024 requirements before they are made available to candidates.

Candidates who are preparing for the examination must be aware of these changes and prepare for the examination accordingly. The changes could influence the examinations both at the test level and item (or question) level.

CED Solutions is a Cisco Learning Partner, Microsoft Gold Learning Partner and the #1 location for Microsoft Certifications in North America for the last 6 years combined. CED Solutions is a CompTIA Partner, EC Council Partner, and many others and is one of the largest providers of training in North America. The Atlanta facility provides IT training for up to 300 students per day, with separate buildings dedicated to training. CED Solutions provides training for up to 10,000 students per year and students take up to 800 certification exams every two weeks.